Many kinds of distributed applications are vulnerable to issues related to the influence of untrusted/user-controlled data on runtime execution. It is common for untrusted data (such as input fields on a web page) to be processed in order to execute database queries or to construct mark-up (and code) which is subsequently rendered and/or executed. Because untrusted inputs may be part of a process involved in the functionality of various applications, and because these inputs may be generally provided as strings and/or other data types which may not be processed/executed directly, application code may integrate/convert them to a form which may subsequently be executed.